General
-
Target
dd633effed26a60f6ff537b5b6be88a1_JaffaCakes118
-
Size
8.9MB
-
Sample
240406-g2z4cacd8y
-
MD5
dd633effed26a60f6ff537b5b6be88a1
-
SHA1
e696031a371fdd7c04e954c8d77c00593dcfb71c
-
SHA256
5f236235eb4d4618ec30ca9e788d62b7826254be1ac53a0ecdce0408d4fe07c8
-
SHA512
769314df26e5653cf5629325fc110990c15dd03d04eb79aa003dd926c2a5c04ce3739f8829288ab32f357f0eec1bb55d80554dc68871d51aa7bde118210ee50a
-
SSDEEP
196608:A3qCEEkDhSQd4zgdFpcHPHpjooICp3qCEEkDhSQd4zgdFpcHPHpjooICD3qCEEkc:A3qEEuHpjooIM3qEEuHpjooIM3qEEuHv
Malware Config
Targets
-
-
Target
dd633effed26a60f6ff537b5b6be88a1_JaffaCakes118
-
Size
8.9MB
-
MD5
dd633effed26a60f6ff537b5b6be88a1
-
SHA1
e696031a371fdd7c04e954c8d77c00593dcfb71c
-
SHA256
5f236235eb4d4618ec30ca9e788d62b7826254be1ac53a0ecdce0408d4fe07c8
-
SHA512
769314df26e5653cf5629325fc110990c15dd03d04eb79aa003dd926c2a5c04ce3739f8829288ab32f357f0eec1bb55d80554dc68871d51aa7bde118210ee50a
-
SSDEEP
196608:A3qCEEkDhSQd4zgdFpcHPHpjooICp3qCEEkDhSQd4zgdFpcHPHpjooICD3qCEEkc:A3qEEuHpjooIM3qEEuHpjooIM3qEEuHv
Score8/10-
Drops file in Drivers directory
-
Manipulates Digital Signatures
Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-